What is NGINX Web Application Firewall?

Even when you understand security, it is difficult to create secure applications, especially when working under the pressures so common in today’s enterprise. The NGINX Web Application Firewall (WAF) protects applications against sophisticated Layer 7 attacks that might otherwise lead to systems being taken over by attackers, loss of sensitive data, and downtime. The NGINX WAF is based on the widely used ModSecurity open source software.

Why NGINX WAF?

Battle-tested

Used by more than a million websites, ModSecurity is the most trusted name in application security

Flexible

NGINX WAF is open source software that can be deployed in any environment – bare metal, public cloud, private cloud, hybrid cloud, virtual machines, and containers

Cost-effective

PCI compliance at a fraction of the cost of hardware WAFs

Features

Layer 7 attack protection

Detect and stop a broad range of Layer 7 attacks:

SQL injection (SQLi), cross-site scripting (XSS), and Local File Include (LFI), which together account for over 90% of known Layer 7 attacks